The Health Insurance Portability and Accountability Act (HIPAA), Sarbanes-Oxley (SOX), Gramm Leach Bliley Act (GLBA), and International Standards Organization (ISO) 17799 all require protection and tracking of data access. These regulations not only require fine-grain auditing of application access and usage, but may also require the ability to track complex access patterns across applications and across end points in real-time. Meeting these requirements can be difficult because, for example:                Many legacy applications either cannot be modified (e.g., because the applications no longer have vendor support), are difficult to modify (e.g., because they are commercial, off-the-shelf software), or are in languages, such as Cobol, C++, etc., in which many contemporary artisans are no longer fluent, if conversant. Some compliance solutions rely on back-end modifications to systems in order to log activities, and hence, would not be able to handle such legacy applications.        Some applications do not have sufficient access control mechanisms. For example, many applications cannot control access based on a user's role or granted rights, the time of day, the context of the access, etc. For example, some applications have access control mechanisms that are set locally for each machine or each application, and cannot be centrally managed on one server.        Some applications do not maintain audit logs of user access and actions, or may not have sufficiently fine-grain logging of access, e.g., the applications cannot monitor access to a particular screen, or particular data, such as a patient's medical information.        Some applications maintain audit logs of user access and actions, but the audit logs can be modified by a technically-skilled person without being detected, so as to conceal unauthorized actions.        Where applications maintain their own audit logs, it may not be possible to have a centralized view of all audit logs, making real-time cross-application compliance checking difficult.        Some applications lack alert mechanisms for when users perform unauthorized operations. Even if alert mechanisms are available, not all applications may support the administrators' preferred alert channels/methods.        Access audit and control mechanisms may not be effective for tracking and controlling access to files, printers, scanners, etc.        
Certain aspects of the present invention address these needs.